For fish25 re:eiwido/ESS

Discussion in 'other anti-trojan software' started by spy1, Mar 22, 2004.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Besides the very big PLUS that it's free, is there anything that sets your program apart, detection-wise, from any of the pay programs?

    IOW, what would make me choose your program over one of the other ones available?

    How well does it "clean up" after an infection - or does it just "quarantine" stuff?

    Are you using any "new" types of detection processes?

    How about unpackers? More than one? Pete
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Come to think of it - who are you?

    What's your/your company's background?

    (So many people come out of nowhere, you know what I mean?).

    IOW - baldly put (but with no offense intended) - why should we trust either you or your program?

    (As you come to know and love me, you'll notice that I ask awkward questions at times! :D ). Pete

    *Great catch on that re-basing issue, BTW!
     
  3. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Many things ;) Just some examples:
    Very strong binary signatures with Fuzzy Logic
    Powerful unpacking engine based on emulation
    Crypted database (AES 128-Bit)
    Intelligent Online-Update with integrity-check
    Generic-Binder-Detection
    Very user-friendly Interface
    ...

    The upcoming pro-Version will also feature a Guard running on Ring 0, a real memory Scanner (can detect e.g. armadillo copymem, api hooking), Heuristics and so on...

    Searches for autostart/running processes and finally removes the file (with backup)... If not possible after reboot.

    Again, many (even more than KAV!)... Fuzzy signatures against patching & signature detection, immune against rebasing/OEP modifaction etc.

    More than one! We use generic emulation... So we're able to unpack e.g. upx, aspack, fsg, neolite, pepack, stones pe crypter, pklite32, morphine etc. Immune against entrypoint/stub patching...
     
  4. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Sounds good! Need a tester? Pete
     
  5. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    why doesnt ESS support win98 now that microsoft have back tracked on their decisions due to the over whelming amount of businesses still using them and many home users also.
     
  6. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    For those of us using this "free" version, how much $$ will you take us for when the upcoming "pro" version comes out?
     
  7. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    spc - Perhaps the technologies and features he's using simply don't work on the older OS's?

    Slovak's question about the price was pertinent:

    fish25 - how much are you going to charge for the "Pro" version?

    And, once the "Pro" version comes out - are you still going to support the freeware version? Pete
     
  8. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    not quite sure yet, depends on the final features, but not too much ;)

    sure we'll do!
     
  9. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Not too much could be $50 or so, I am sure TDS says their product doesn't cost too much either. It would be nice if us so far faithful users of the "free" version that says "pro Version" when launched could get a really nice discounted price ;) ;)
     
  10. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    the only thing i can say at the moment is that the ess will be cheaper than tds ;)
     
Thread Status:
Not open for further replies.